2 matches found
UBUNTU-CVE-2026-54369
acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions aclgetfile, aclsetfile, aclextendedfile, and acldeletedeffile that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who contr...
Next.js 授权问题漏洞
Next.js is a React framework open-sourced by Vercel. An authorization issue vulnerability exists in versions of Next.js prior to 14.2.15, which stems from the fact that if an application performs authorization in middleware based on a pathname, a page in the root directory of the application may...